awesome-es
ES toolbox
A curated collection of resources and tools for Splunk Enterprise Security users
A collection of awesome resources for Splunk Enterprise Security
last commit: about 5 years ago
awesome, awesome-list, splunk, splunk-enterprise-security, splunk-es
Awesome ES / Basics | |||
| Splunk Website | |||
Awesome ES / Basics / Splunk Website | |||
| Downloads | |||
| Previous Releases | |||
| Awesome Splunk | 126 | about 5 years ago | A curated list of awesome Splunk resources |
Awesome ES / Basics | |||
| Splunk Enterprise Security Homepage | |||
Awesome ES / Basics / Splunk Enterprise Security Homepage | |||
| Downloads | Download page for licensed users | ||
| Documentation | |||
| ES Splunk Blog Posts | |||
| Splunk ES Content Update | Regularly updated pre-packaged Security Content for use in Splunk ES | ||
Awesome ES / Education and Training | |||
| Tutorial | Tutorial on creation of new Correlation Searches | ||
Awesome ES / Education and Training / Training Classes | |||
| Using Splunk Enterprise Security | |||
Awesome ES / Education and Training / Training Classes / Using Splunk Enterprise Security | |||
| Suggested Learning Path | |||
Awesome ES / Education and Training / Training Classes | |||
| Administering Splunk Enterprise Security | |||
Awesome ES / Education and Training / Training Classes / Administering Splunk Enterprise Security | |||
| Suggested Learning Path | |||
Awesome ES / Education and Training / Certifications | |||
| Splunk Enterprise Security Certified Admin | |||
Awesome ES / Education and Training / Certifications / Splunk Enterprise Security Certified Admin | |||
| Splunk Enterprise Security Certified Admin Blueprint | A guide to the examinable material in the ES Admin certification | ||
Awesome ES / Professional Services | |||
| Splunk Security and Compliance Service Offerings | |||
| Splunk Partners for Enterprise Security Implementation | |||
Awesome ES / Risk Based Alerting | |||
| RBA All Day | Reduce noise by using a Risk Based approach to notable event generation | ||
Awesome ES / Risk Based Alerting / RBA All Day | |||
| SA-RBA | 45 | almost 4 years ago | Solution AddOn for ES, adds custom visualisations and correlation searches for RBA |
| Phantom RBA | Phantom functions for RBA investigations and enrichment | ||
Awesome ES / SOAR Integration | |||
| Splunk Phantom | |||
Awesome ES / SOAR Integration / Splunk Phantom | |||
| Awesome Phantom | 14 | over 5 years ago | Awesome resources for Splunk Phantom |
Awesome ES / Threat Intelligence | |||
| Awesome Threat Intelligence | 8,211 | about 1 year ago | A curated list of awesome threat intelligence resources |
Awesome ES / .Conf Presentations | |||
| All .Conf Presentations for Enterprise Security | |||
| How to Migrate from Legacy SIEM to Splunk | |||
| Enterprise Security Multi-Tenant Fundamentals | |||